Your Achievements
Level 1
0% to
Level 2
Next /
to gain points, level up, and earn exciting badges like the new Applaud 5 BadgeLearn more!
View All BadgesSign in to view all badges
Open Alert Bar
SOLVED

Re: How do we prevent phishing bots and spammers from filling out our forms?

Go to solution
Anonymous
Not applicable
‎03-18-2013 05:36 AM
‎03-18-2013 05:36 AM
We're starting to see a number of leads that are coming in from our contact us page that appear to be spam. What are some ways we could prevent this? Though the landing page currently uses an SFDC form, we are in the process of converting all website forms to Marketo forms. 

Our SFDC admin has suggested a hidden CAPTCHA method, but I'm not sure if the same is possible on a Marketo form. 
Labels:
Tags (1)
3,928
Reply
1 ACCEPTED SOLUTION
Josh_Hill13
Level 10 - Champion Alumni
Level 10 - Champion Alumni
‎03-18-2013 07:02 AM
‎03-18-2013 07:02 AM
Jessie,

There are a few articles on this. Do a quick search for "empty leads" or "form bots"
Try this article too. I think it has a link to one of those
http://www.marketingrockstarguides.com/marketo-form-instructions-164/

View solution in original post

3,419
Reply
14 REPLIES 14
Anonymous
Not applicable
‎11-19-2015 04:52 PM
‎11-19-2015 04:52 PM

I am desperate to solve this issue, and I'm not laughing...

0 Likes
3,418
Reply
SanfordWhiteman
Level 10 - Community Moderator
Level 10 - Community Moderator
‎11-19-2015 04:58 PM
‎11-19-2015 04:58 PM

I posted a recipe for adding a ReCAPTCHA to Marketo forms a couple of months ago -- search for it.

The claim that you can't add CAPTCHA to Marketo forms hasn't been true since webhooks have been available.

0 Likes
3,418
Reply
Anonymous
Not applicable
‎11-19-2015 05:11 PM
‎11-19-2015 05:11 PM

Thank you. I wrote that out of frustration/humor, but I'm not completely helpless. Possible solutions include:

1) Creating a "honeypot" or hidden field that filters anyone who fills it out to a Smart List for deletion Stop 99% of Your Spam Leads with Marketo | Fab Capodicasa | LinkedIn

2) Adding CAPTCHA - MktoForms2 :: reCAPTCHA  (your link from another article)

3) Hiring a web developer - Add JavaScript validation to the header of your landing pages. This checks to see if JavaScript is enabled on the browser - and, if not, redirects the lead to a page that advises them to do so. Spam bots do not have Javascript enabled.

4) Adding a script that restricts certain parameters ex. Email Domain http://developers.marketo.com/blog/restrict-free-email-domains-on-form-fill-out/

While all of these are valid solutions I still find myself a bit lost here. My personal solution for the time being is to take the Smart Lists that I've already created (This article is helpful for setting those up - http://developers.marketo.com/blog/how-to-clean-your-marketo-database/ ) to identify the spam leads using several filters and simply add a Flow step to delete them as they're identified.

0 Likes
3,418
Reply
SanfordWhiteman
Level 10 - Community Moderator
Level 10 - Community Moderator
‎11-19-2015 05:20 PM
‎11-19-2015 05:20 PM

While all of these are valid solutions I still find myself a bit lost here.

Surely spammers aren't ramming through your reCAPTCHA.  You mean you haven't rolled it out, right?

0 Likes
1,303
Reply
Anonymous
Not applicable
‎11-19-2015 05:24 PM
‎11-19-2015 05:24 PM

Exactly, I'm doing my due diligence before I move forward with any of the above steps.

0 Likes
1,303
Reply
SanfordWhiteman
Level 10 - Community Moderator
Level 10 - Community Moderator
‎11-19-2015 05:42 PM
‎11-19-2015 05:42 PM

OK.  #3 still doesn't make any sense.  Spambots don't care if there's a JS relocation or a <META> redirect.  If they can discover and submit a rendered form on page X, they will. Now, if the form only exists after a script has run (as with Forms 2.0 embed code) you might realize some benefits; if the rendered page is inspected, the endpoint is clear to see, but that does take a bit more work. 

For full protection, because Marketo endpoints always follow a clear architecture that doesn't even require a landing page to exist at all, you need to get away from the idea of concealing the form fields themselves and instead make the form fields' expected contents hard to spoof.  This is why #1 can work by virtue of "expecting empty" and is really the core idea of #2.

0 Likes
1,303
Reply
Anonymous
Not applicable
‎11-19-2015 05:51 PM
‎11-19-2015 05:51 PM

Wow, great response. I actually came to the same conclusion as well (with a little less science) and made the recommendation for my team to apply solutions 1 & 2 to all future forms (and past as well). Especially because both are solutions that I could implement on my own.

In addition, I did setup the New Smart Campaign that identifies anyone who fills out fields on a form with entries I've identified with spam such as "123456" for phone number, etc. I set it run automatically once every hour.

I'll be a happy camper once all of this is setup and the spam is behind me. Thanks for talking this through with me. Cheers!

1,303
Reply
Anonymous
Not applicable
‎08-12-2016 07:09 AM
‎08-12-2016 07:09 AM

Thomas - would you be comfortable sharing your filtering criteria for the smart campaign?

0 Likes
1,303
Reply
Anonymous
Not applicable
‎05-13-2014 03:54 AM
‎05-13-2014 03:54 AM
I am intrigued by Jessie's "Best Answer" but for each link I get the following respectively:

1. MKTO community page with this content "An Error occurred while processing your request. Please try again later." 


2. Question:

Can I add CAPTCHA to a Marketo form?

Answer:

No, you cannot, but you also should not need to. Marketo has a built in protection mechanism that helps tremendously with reducing the number of spam form fills. Adding a CAPTCHA would negatively impact your legitimate conversion rates.

3. Same as the first link.


If I weren't kinda desperate to solve this issue, I'd laugh  🙂

0 Likes
3,417
Reply
Anonymous
Not applicable
‎03-12-2014 09:24 AM
‎03-12-2014 09:24 AM
Can you please provide good links for this information?

0 Likes
3,417
Reply
Anonymous
Not applicable
‎02-07-2014 03:13 PM
‎02-07-2014 03:13 PM
Some of the links in Jesse's post aren't working.
3,417
Reply
Anonymous
Not applicable
‎03-19-2013 01:07 PM
‎03-19-2013 01:07 PM
Thanks, this works for me.
0 Likes
3,417
Reply
Josh_Hill13
Level 10 - Champion Alumni
Level 10 - Champion Alumni
‎03-18-2013 07:02 AM
‎03-18-2013 07:02 AM
Jessie,

There are a few articles on this. Do a quick search for "empty leads" or "form bots"
Try this article too. I think it has a link to one of those
http://www.marketingrockstarguides.com/marketo-form-instructions-164/

3,420
Reply
Geoff_Krajeski1
Level 10 - Champion Alumni
Level 10 - Champion Alumni
‎09-13-2016 04:19 AM
‎09-13-2016 04:19 AM

Unfortunately the three Marketo document links are no longer available

0 Likes
3,417
Reply
Home